CVE-2021-45418

Name of the Vulnerable Software and Affected Versions: Starcharge Nova 360 Cabinet versions 1.3.0.0.6 and earlier Starcharge Titan 180 Premium versions 1.3.0.0.7b102 and earlier

Description: The issue is related to Directory Traversal via the main.cgi endpoint. This allows unauthorized access to sensitive files and directories. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations: For Starcharge Nova 360 Cabinet version 1.3.0.0.6 and earlier, update to version 1.3.0.0.9 or later. For Starcharge Titan 180 Premium version 1.3.0.0.7b102 and earlier, update to Beta version 1.3.0.1.0 or later. As a temporary workaround, consider restricting access to the main.cgi endpoint until a patch is available.